Updated on July 18, 2024
You’re returning from a delicious and restful lunch break, ready to tackle the afternoon’s challenges.
You take a deep breath, power up your computer, and open your ticketing queue.
The first 20 tickets? All password resets.
Can’t your valuable time and expertise be used for something other than such a basic, tedious task?
The answer is yes. And it’s made possible by MSP password management tools. With all users’ passwords and MFA tokens stored and shared in a centralized platform, you stop wasting time on useless tasks and spend your energy going above and beyond for your clients — ultimately boosting your retention and revenue numbers.
But what’s so special about password managers, and what should you look for in a vendor? Below, we’ll explain why managed service providers (MSPs) need password management, the benefits of a robust password manager like JumpCloud, and best practices for implementation and adoption.
Why MSPs Need Password Management
Every employee has heard the same refrain, “Use a long, hard-to-crack password, and never share your credentials with anyone.”
And yet:
- 15% of people use their own first name in their password.
- 65% of people reuse their passwords across personal and work accounts.
- 62% of people say they store logins in a notebook or journal.
Even scarier? 80% of all data breaches are linked to passwords. All it takes is one good guess or one great hacker to wreak havoc on one of your clients. Scarier still, the fines and reputational damage associated with compliance violations can be enough to shut your clients down for good.
Managed service providers can’t let that happen. MSP-centric password managers can keep cybercriminals at bay by enforcing password creation rules, sending update reminders, and safely sharing access to resources, team credit cards, and more. They can also require the use of two-factor or multi-factor authentication (MFA) for an extra layer of security and be integrated with other identity and access management (IAM) solutions to monitor user activity and ensure companies are operating under a Zero Trust security framework.
At the same time, password managers take pressure off of your clients’ users. By remembering one master password, they can unlock access to all of their online accounts, drastically decreasing the volume of password reset requests.
7 Benefits of JumpCloud Password Manager for MSPs
MSPs have long requested an enterprise password management tool that allows their users to share passwords and MFA tokens. JumpCloud Password Manager offers a manageable and secure way to empower users to do just that.
The JumpCloud Password Manager enables teams to securely manage and share passwords, 2FA (two-factor authentication) tokens, and other types of sensitive information. By combining the JumpCloud Password Manager with centralized identity, access, and device management, you can empower your clients with seamless resource access whether they’re using password-based authentication, SSO, or MFA — minimal IT involvement needed.
What’s more, as a JumpCloud MSP partner, your account executives can have you up and running with Password Manager before your next password reset ticket — implementation comes free.
If you’re not a current JumpCloud MSP partner and you’re still weighing your various password management options, it can be difficult to determine which solution is best. To help you make the best decision for your company and your clients, let’s review some of the concrete advantages of implementing JumpCloud Password Manager.
1. Multi-Tenant Capabilities
As an MSP scales, it becomes nearly impossible to keep track of individual clients’ password managers and other IAM solutions. That’s one reason why MSPs or VARs steer clear of offering password management — it’s too many moving parts without a high enough ROI.
But JumpCloud Password Manager was built specifically for multi-tenant user management, unifying MSP operations to deliver services to all clients at once. All controls are in one place, and all controls are configured the same way, making it easier to standardize your SOPs and password policies across all of your clients. JumpCloud’s multi-tenant user management features also have built-in tracking and reporting, empowering MSPs to share KPIs and proactively detect suspicious user activity.
From JumpCloud’s Multi-Tenant Portal (MTP), MSPs can easily enforce other identity and access management features, like single sign-on (SSO), multi-factor authentication, and RADIUS management. And because JumpCloud is a cloud-based platform, MSPs can provide IAM services from anywhere.
2. Centralized Password Storage
Keeping user credentials stored in the same platform makes it easier for MSPs to track and manage. MSPs gain visibility into all password-related activity, and they can institute rules to restrict all access to sensitive applications when employees leave their job. In a centralized password management system, users benefit from password sharing capabilities, reducing friction and enabling productivity. With cloud-based password managers like JumpCloud, end users can access and sync password vaults from multiple devices, enabling remote work and hybrid models.
3. Improved Security Measures
JumpCloud’s password management and multi-tenant access control capabilities are designed to protect MSP clients’ sensitive data in an encrypted vault. Not only do secure password vaults prevent internal and external threats, they also allow MSPs to enforce stricter requirements in accordance with GDPR, HIPAA, or other general IT controls that clients must abide by. Because JumpCloud’s Password Manager is a part of JumpCloud’s broader identity and access management solution, it also comes with extra protections like multi-factor authentication and role-based access control features.
JumpCloud Password Manager can also help users generate sufficiently unique, complex passwords on a specific cadence and monitor the average user’s security score and average password strength. On the backend, it has tiered permissions and audit logs to hold all MSP admins responsible. Leveraging JumpCloud’s latest and greatest security features gives you and your clients greater peace of mind.
4. Streamlined Client Onboarding and Offboarding
JumpCloud’s Multi-Tenant Portal makes client onboarding and offboarding a seamless process. Within JumpCloud’s role-based access control architecture, MSPs can add and edit orgs, add and delete admins, manage individual devices and users, and process master password resets straight from the cloud in a matter of clicks. JumpCloud’s permission structure decreases the odds of making errors during client transitions. You can assign team members specific roles ranging from Admin w/Billing (effectively a super user) to Help Desk to Read Only.
5. Simplify Vendor Management Process
An MSP’s vendor management responsibilities can be as complex as another full-time client. And the more vendors you have to rely on to provide a comprehensive tech stack, the less time you have to win that new account. That’s why we built our Password Manager directly into the JumpCloud platform.
Whether you’re a new partner or JumpCloud’s already part of your tech stack, you’ll enjoy both SSO and password management directly within one portal – without increasing your stack’s complexity.
6. Meet Popular Client Requests on Your Terms
Password management can be a bit of a touchy subject for MSPs. Since it’s often an a la carte or add-on feature, many clients try to do their own research on the cheapest solution and bring it to their MSP to implement.
This scenario rarely works out for either party. MSPs are forced to complicate their tech stack, often with a product they don’t trust or recommend. And the cheapest possible solutions rarely prioritize intuitive user experiences, leading to frustrations for the technicians and admins that must manage the product.
MSPs can readily recommend JumpCloud Password Manager to any of their clients currently using JumpCloud, with assignment and deployment being only a few clicks away. In addition to a seamless rollout experience, you can avoid the long process of convincing your client that they can trust this new vendor you are introducing into their environments.
7. Grow Revenue and Productivity — Without Increasing Costs
With JumpCloud Password Manager, you are no longer forced to choose between affordability and security. If you’re enrolled in JumpCloud for MSPs, Password Manager is included in your plan, making implementing it for your clients a no-brainer. If you’re considering switching to JumpCloud, combining SSO and password manager into one platform may lower your total cost of ownership.
Adding password management to your tech stack can also increase your team’s productivity and efficiency, decreasing your need for additional staff. Password resets make up anywhere from 20% to 50% of an organization’s support ticket load, meaning your technicians waste valuable time handling one of the most easily solved problems in the technology industry. This can translate into a situation where even offering password management as a service to your clients for free can have a real impact on your bottom line.
Best Practices for MSPs Using a Password Manager
Password managers have the potential to improve security, effectiveness, and efficiency. But reaping the full benefits of a password manager depends on:
- Regularly checking password-related activity. MSPs have a duty to prevent insider threats. And to do that, they must have a process in place to review who is accessing sensitive applications or information and when. If they notice any suspicious activity, they need to report it to their clients’ IT department and work with their security team to swiftly resolve the issue.
- Enabling password generation. We all know end users have trouble creating robust passwords. So why not have a tool to do it for them? Solutions like JumpCloud Password Manager come with built-in password generation to form passwords to your character and length specifications.
- Rotating passwords. Not only do employees tend to use passwords that are easy to remember, they will also keep the same password until they receive a notice to change it. As a best practice, use your password manager to automatically prompt password changes (to a completely new, non-recycled password) at least once every 1-3 months. These prompts should be inclusive of network applications, cloud applications, in-house systems, and other department-specific software or hardware. Be sure you configure your password manager to change the passwords to any applications former staff had access to following their departure as well.
- Activating multi-factor authentication. MFA adds another layer of security against cyber threats beyond password management. Biometric factors like a person’s face or fingerprint or authenticator app tokens are tough for hackers to replicate or hack. Enabling MFA further reduces client risk and may be mandated by their own security and compliance policies.
- Employee enablement. Employees won’t use a new tool if they don’t know how to use it or why it exists. It’s the MSP’s job to explain how password managers work and onboard employees to the new platform. Conduct trainings, create leave-behind materials employees can reference later, and be on standby for questions pre- and post-implementation to encourage adoption. Emphasize the why behind using a password manager and stress its importance to the organization’s overall security.
JumpCloud vs Traditional MSP Password Managers
Traditional password managers don’t always offer the features that MSPs need to ensure security and compliance. This is especially true for offline password managers that sacrifice usability for security—and even then, keeping passwords strictly local doesn’t offer a strong guarantee against credential-based attacks. Cloud-based password managers offer a generally more robust set of features, but credentials stored in the cloud can be vulnerable to attack. JumpCloud Password Manager offers the best of both worlds with a hybrid storage model.
JumpCloud Password Manager’s decentralized architecture allows password vaults to be stored locally on devices, while a cloud-based system seamlessly syncs passwords between devices using end-to-end encryption. This hybrid format bridges the gap between security and convenience. What’s more, JumpCloud Password Manager offers a true multi-tenant format designed for MSPs. This allows IT admins to manage SSO and MFA configurations directly through a centralized admin panel.
Offline Password Managers | Cloud-based Password Managers | JumpCloud Password Manager | |
Password storage | Local, limited to a single device | Stored on the cloud | Local and synchronized to the cloud with end-to-end encryption. |
Access via user-managed master password | Yes | Yes | No |
Centralized admin panel | No | Yes | Yes |
Centralized visibility | No | Yes | Yes |
Multi-tenant capabilities | No | Sometimes—it depends on the vendor. | Yes |
Native integration with cloud directory, SSO, and MFA | No | No | Yes |
Real-world Examples and Case Studies
Effective, secure password management improves security and reduces risk in a variety of scenarios. Authentication vulnerabilities are a constant source of risk throughout the enterprise, and MSPs must deploy a solution that’s ready to confront the challenge.
JumpCloud has already helped IT and security leaders at MSPs maximize the potential of password management in many different ways. Here are some real-world examples of how managed service vendors have used our technology to stay ahead of compromised credentials:
- Syn Ack Fin (SAF) relies on JumpCloud to support business owners balancing Active Directory issues with macOS users and enabling SSO throughout the network. JumpCloud provides on-demand infrastructure for clients who don’t have a compatible password database or enforceable policies set up.
- 96Firm set up SSO and cross-domain identity management for its clients, but needed help establishing and enforcing password policies on client devices. JumpCloud simplifies mobile device management while dramatically improving on-device password security.
- RR Consulting & MSP relied on Jamf for years, but needed additional identity product and account synchronization features—especially the ability to integrate password management with SSO and maintain SOC 2-compliance, which JumpCloud delivered.
- Altitude Integrations needed to replace Active Directory and simplify its time-consuming on-premises password management processes. JumpCloud enables the cloud service provider to streamline password resets and management for end users while enhancing the vendor’s overall security posture.
Learn More About JumpCloud for MSPs
Here at JumpCloud, we are working hard to meet the needs of our MSP Partners, their clients, and the users that rely upon our platform every day. With the arrival of JumpCloud Password Manager, we have taken yet another step in the direction of making the open directory platform more powerful than ever.
If you have any questions about Password Manager, reach out to your account executive today or check out our FAQ.
If you’re new here, visit our JumpCloud for MSPs page or get started with a free trial today.